CVE-2025-49060 | CMSSuperHeroes Wastia Plugin up to 1.1.3 on WordPress unrestricted upload

October 22, 2025 Yanac

A vulnerability was found in CMSSuperHeroes Wastia Plugin up to 1.1.3 on WordPress. It has been declared as critical. The affected element is an unknown function. The manipulation results in unrestricted upload.

This vulnerability is reported as CVE-2025-49060. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More